ec2-create-keypair

Description

Creates a 2048-bit RSA key pair with the specified name. Amazon EC2 stores the public key and
displays the private key for you to save to a file. The private key is returned as an
unencrypted PEM encoded PKCS#8 private key. If a key with the specified name already exists,
Amazon EC2 returns an error.

You can have up to five thousand key pairs per region.

Tip

The key pair returned to you is available only in the region in which you create
it. To create a key pair that is available in all regions, use ec2-import-keypair.

For more information, see Key
Pairs in the Amazon EC2 User Guide for Linux Instances.

Default: The value of the AWS_ACCESS_KEY environment variable. If AWS_ACCESS_KEY
isn't set, you must specify this option.

Example: -O AKIAIOSFODNN7EXAMPLE

-W, --aws-secret-key aws_secret_access_key

Your secret access key.

Default: The value of the AWS_SECRET_KEY environment variable. If AWS_SECRET_KEY
isn't set, you must specify this option.

Example: -W wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

-T, --security-tokendelegation_token

The delegation token to pass along to the AWS request. This is only required when you are using temporary security credentials. For more information, see Using Temporary Security Credentials.

Default: The value of the
AWS_DELEGATION_TOKEN environment variable
(if set).

Example: -T AQoDYXdzEJr...<remainder of security
token>

--connection-timeout timeout

The connection timeout, in seconds.

Example: --connection-timeout 30

--request-timeout timeout

The request timeout, in seconds.

Example: --request-timeout 45

-H, --headers

Includes column headers in the command output.

--show-empty-fields

Shows empty columns as (nil).

--hide-tags

Omits tags for tagged resources.

--debug

Displays internal debugging information. This can assist us when helping you troubleshooting problems.

-D, --auth-dry-run

Checks whether you have the required permissions for the command, without actually running the command.
If you have the required permissions, the command returns DryRunOperation; otherwise, it
returns UnauthorizedOperation.

-v, --verbose

Displays verbose output, including the API request and response on the command line. This is useful
if you are building tools to talk directly to the Query API.

-

Reads arguments from standard input. This is useful when piping the output from one command to the input of another.

Deprecated Options

We have deprecated the SOAP API for Amazon EC2. For more information, see SOAP Requests. From version 1.6.14.0 onwards of the Amazon EC2 CLI tools, the private key (-K, --private-key) and X.509 certificate (-C, --cert) options are not supported.
Use your access key ID (-O, --aws-access-key) and secret access key (-W, --aws-secret-key) instead.
For more information, see Setting Up the Amazon EC2 CLI and AMI Tools.

Option

Description

-K, --private-key ec2_private_key

The private key to use when constructing requests to Amazon EC2.

Default: The value of the EC2_PRIVATE_KEY environment variable.

Example: -K pk-HKZYKTAIG2ECMXYIBH3HXV4ZBEXAMPLE.pem

-C, --cert ec2_cert

The X.509 certificate to use when constructing requests to Amazon EC2.